• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.230-233
• /
• 2014

Latest Inforamtion security threats and risks change very rapidly, and there to strengthen the security level of the major companies and organizations are diversified attack to respond to a penetration test conducted. Penetration test(PenTest) is safer for the purpose of looking for vulnerabilities in computer systems by taking advantage of vulnerabilities discovered in the same way as a hacker attack. How to make a security vulnerability could be exploited by attempting to attack show. On the other hand, many security companies are testing in a variety of ways to be penetrated. However, penetration testing to evaluate the strength and reliability has not performed yet. Therefore, in this study, Penetration testing to validate and present a reliable method of evaluation. In this study, penetration testing, assessment information to provide the evaluation results are more reliable. And, as a result, efficient penetration test is expected to be possible.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.585-588
• /
• 2016

Due to the nature IoT Device (or Sensor) of the IoT System it may be susceptible (or attached) to our daily lives, so easy to direct physical access to IoT Device, which caused physical security is very weak. In this study, we implemented "Zero-Day Attack" on the ARMv7 Thumb Architecture as a direct target local system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.292-294
• /
• 2020

원자력 발전소의 계측제어시스템에 디지털 관련 기술이 적용되면서 사이버보안 위협이 증가하였고, 이에 따라 사이버보안 위협의 대응은 중요한 현안이 되었다. 하지만, 실제 운영중인 원자력 발전소에 침투 시험은 불가능하기 때문에 테스트베드를 구축 및 활용하여 사이버보안 위협을 분석해야 한다. 계측제어시스템의 비안전계통은 디지털 기반의 제어기기와 통신망이 사용되기 때문에 안전계통보다 많은 사이버보안 취약점이 존재한다. 본 연구에서는 비안전계통인 다양성보호계통을 위한 테스트베드의 구성과 취약점 확인을 위한 공격, 그리고 대처 방안에 대해 논의한다.

• Proceedings of the KIEE Conference
• /
• 2006.07c
• /
• pp.1398-1399
• /
• 2006

현재 상용화된 OLED 소자는 최대 단점인 수분 취약성의 원인으로 top emission과 flexible 타입으로 제조되는데 장애가 되고 있다. 따라서 top emission 방식과 flexible한 소자를 실현하기 위해 수분 및 산소 침투를 방지하기 위한 유전체 막의 실험이 진행되고 있는데, 본 실험에서는 기존의 PECVD보다 plasma의 density가 높은 HDP(High Density Plasma)-CVD를 사용해 SiOx 및 SiNx 유전체 film을 증착하였고 MOCON 테스트를 통한 수분침투 방지막으로써의 가능성을 검증하였다.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.350-352
• /
• 2022

자율운항선박을 IMO 자율화등급 3단계 이상으로 운용하기 위해서는 내·외부 통신시스템의 사이버보안뿐만 아니라 실시간으로 데이터를 교환하는 데이터 및 시스템 사이버안전에 대한 고려가 필수적으로 요구된다. 본 연구에서는 자율운항선박 사이버안전체계 구축방안에 대해서 살펴본다. 자율운항선박 사이버안전체계 구축을 위해서는 선박 내 사이버위협을 실시간으로 탐지하고 영향을 모니터링하는 통합 보안 시스템 구축이 필요하며, 선박 사이버안전 설계 타당성을 검증하는 사이버리스크평가 기술, 사이버안전체계를 검증하기 위한 CVE(Common Vulnerabilities Enumeration)기반 취약성 진단 및 침투테스트 기술, V-Model을 활용한 통합 소프트웨어 품질인증 기술, ISO 25024 기반 데이터 무결성 검증 기술 적용이 필요하다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.5
• /
• pp.1003-1008
• /
• 2017

The Internet of Things has attracted considerable research attention in recent years. In order for the new IoT technology to be widely used, the reliability and protection of information is required. IoT systems are very vulnerable to physical security due to their easy accessibility. Along with the development of SoC technology, many operating systems have been developed and many new operating systems have been introduced. In this paper, we describe the vulnerability analysis results for operating systems running on the ARMv7 Thumb Architecture hardware platform. For the recently introduced "Windows 10 IoT Core" operating system, I implemented the Zero-Day Attack by implanting the penetration code developed through the research into a specific IoT system. The virus detection test for the resulting penetration code was validated by referral to the "virustotal" site.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.6
• /
• pp.13-22
• /
• 2004

This study proposes a risk analysis methodology for information system security management in which the complexity on the procedure that the existing risk analysis methodology is reduced to the least. The proposed risk analysis methodology is composed of 3 phases as follows: beforehand processing phase, counter measure setting phase, post processing phase. The basic risk analysis phase is a basic security management phase in which fixed items are checked when the information security system is not yet established or a means for the minimum security control is necessary for a short period of time. In the detailed risk analysis phase, elements of asset a vulnerability, and threat are analysed, and using a risk degree production table produced from these elements, the risk degree is classified into 13 cases. In regard to the risk, the 13 types of risk degree will execute physical, administrative, and technical measures through ways such as accepting, rejecting, reducing, and transferring. Also, an evaluation on a remaining risk of information system is performed through a penetration test, and security policy set up and post management phase is to be carried out.

• Journal of the Society of Cosmetic Scientists of Korea
• /
• v.40 no.3
• /
• pp.247-257
• /
• 2014

Oil-in-water nanoemulsions of astaxanthin prepared by new vesicle, glyceryl citrate/ lactate/ linoleate/ oleate, were evaluated thoroughly in terms of cosmeceutical properties such as antioxidant effect, cell viability, influence of protein related enzyme, skin penetration, skin hydration and elasticity. Antioxidant effect and cell viability of nanoemulsion of astaxanthin were evaluated by DPPH and MTT assay. Also other properties of nanoemulsions of astaxanthin were measured by proteome analysis using 2D-PAGE, confocal laser scanning microscope and in-vivo test. We were able to find that the nanoemulsion of astaxanthin is good at scavenging of radical and inhibits the degradation of dermal extracellular matrix with the down-regulation of MMPs and other proteins related to MMP expression. CLSM was adopted for observing penetration of nanoemulsion of astaxanthin and showed high effective penetration rate compared to the nanoemulsion of astaxanthin prepared by conventional lecithin. In-vivo measurement of the nanoemulsions in hydration and elasticity were conducted to 11 Korean female adults for 28 days and showed better results.

• Journal of Korea Water Resources Association
• /
• v.45 no.1
• /
• pp.53-64
• /
• 2012

In this study (II), the module developed in the previous study (I) has been tested on application and numerical stability. The runoff module was compared the result of analysis with two different models (FFC2Q and $Vflo^{TM}$) considering characteristic of infiltration. To examine the application and stability of developed module, runoff aspect was simulated under the variety case of rainfall intensity, effective soil depth, elapsed time. The development module was presented typical type of infiltration process looking physically, the different of saturation point on soil type, and characteristic of soil type. Also, the module was reflected in the runoff feature about rainfall intensity and time distribution. Finally, this paper drew a conclusion that result of rainfall-runoff analysis as compared with difference models (FFC2Q and $Vflo^{TM}$) has a high accuracy.

• Proceedings of the Korean Reliability Society Conference
• /
• 2011.06a
• /
• pp.163-171
• /
• 2011

본 논문에서는 LED 패키지 내부 이종물질간의 열팽창계수 차에 의한 박리 현상 및 이에 따른 LED 광속저하 메커니즘의 규명에 대한 연구를 진행하였다. 친환경 조명의 대두 및 고휘도 White LED의 급속적인 발전과 개발에 따라 LED 패키지 고장 형태가 점점 줄어드는 추세이기는 하나, 여전히 실사용 환경에서는 LED 패키지의 고장이 다양한 형태로 발생되고 있는 것이 실정이다. 이 중 LED 패키지 내부 이종물질간의 박리에 의한 고장은 LED 발광효율을 감소시키는 형태로 발생되고, 이에 대한 영향을 최소화하기 위하여 LED 패키지 제조업체 및 다수의 연구소에서 많은 노력을 기울이고 있다. 대표적인 박리 검사방법으로는 잉크침투 테스트 방법을 보편적으로 사용하고 있으나, 이 방법은 시료의 파손 및 검사 시간이 24시간이상 소요된다는 단점을 가지고 있다. 이에 본 논문에서는 헬륨 가스를 사용하여 LED 패키지 박리 유무를 검출해 내는 평가법을 제시하였고, 이 방법을 통하여 시료 파손 없이 짧은 시간 안에 박리 유무를 평가할 수 있음을 확인 할 수 있었다.